We know how frustrating it can be to discover new assets that don’t follow your internal security policies, such as using a geolocation that isn’t allowed or even a sudden spike in hosting from an approved country. These exposures can put your organization at risk, especially since they often go undetected and are challenging to split with automation.
That’s why we’re excited to see so many of our customers use our new IP page.
How does this help security teams?
- Allow investigations into “country” or “provider” regarding specific known risks.
- Find “providers” that are not allowed to be used on your attack surface.
- Make it easier to attribute ownership of assets by narrowing down which “country” and/or “provider” are associated with the assets.
- Your organization operates in a highly regulated environment, making it critical to know where certain customer data is hosted. With this new feature, you can see which assets are hosting data in what countries, such as GDPR or even sanctioned countries.
More flexibility when working with IPs
We strive to make attack surface data intuitive to work with to accelerate the remediation of exposures and vulnerabilities. Users can now group by “none” and “IP.” This new capability allows you to select the detail level at which you want to interact with your IP data. Group by “none” will enable you to see all domains and spot which IPs they are pointing to, whereas group by “IP” shows each row as a unique IP.
Group by “none” is essential as it allows you to see the most details about your data and the most versatile (mainly when exporting). However, being able to zoom out is super important to understand what you have and to find outliers. That is why we plan to add group by “provider” and “country” in subsequent additions to the IP page.
We also know that sometimes you may need suggestions on filtering your IP data. We now will suggest filters directly from the IP page. Simply select the providers or countries you want to look at or choose to see everything, but then exclude specific observations you are less interested in.
For many of our customers, this is a new way of interacting with their IP data, and we intend to help customers draw powerful insights from their IPs.
New methods to interact with IP data
Where you’re hosting data can give you valuable clues into where potential exposures could be hiding across your attack surface. We’ve introduced new visualizations on the IP page, which can be interactively filtered by clicking on specific components of the graphs, such as dragging and zooming on multiple bars simultaneously.
This helps you spot outliers and unexpected exposures. We’ve also included a reset button to zoom out after you’ve finished your analysis. This is a much more dynamic way of working with your data, and the charts on the IP page are continuously updated as we discover new data about your attack surface.
Already using Detectify? Log in to get an overview of what is exposed on your attack surface. If you’re not using Detectify, consider trying it out by signing up today for a free 2-week trial.